The need by some businesses and organizations to exchange encrypted email among large numbers of users has grown from a nice-to-have feature to an important business requirement. For many such businesses and organizations, however, the current approach to the exchange of email encryption certificates presents a substantial impediment to the effective implementation of this requirement.
In many typical email encryption systems, in order for a sender to transmit an encrypted email message to a receiver, the encryption algorithm uses both a first (or public) key and a second (or private) key of the receiver. Thus, during formulation of the encrypted email message, the sender must have the public keys of all of the recipients of the message. Similarly, to properly de-encrypt the email message, the receiver must have the private key of his own. The public key information is typically exchanged between the sender and receiver using an encryption certificate. Prior art email encryption systems of the type described above are generally disclosed, for example, in U.S. Pat. No. 6,760,752 B1 issued to Liu and Cook, U.S. Pat. No. 6,687,822 B1 issued to Jakobsson, and U.S. Pat. No. 6,289,105 B1 issued to Murota.
Current industry standards for transmitting email messages via the Internet do not include a standard for the automated exchange of encryption keys and encryption certificates necessary for the successful transmission of encrypted email. As a result, the exchange of encryption keys among users in the past has been accomplished manually and on an ad hoc basis. Typically, the current manual process for the above-described email encryption systems involves a first user digitally signing an email to a second user with a digital signature (or encryption certificate) that includes the first user's key. The second user then saves the first user's key and is thereafter able to formulate and transmit encrypted email messages to the first user. To read the encrypted messages, the first user must then obtain the second user's key via the transmission of another digital signature from the second user to perform the de-encryption.
Although desirable results have been achieved using such prior art systems, there is room for improvement. For example, when a sender desires to send an encrypted email message to a large number of users, the manual exchanges that must occur between the sender and each recipient add inefficiency (and therefore cost) to the process. As the number of intended recipients increases (e.g. hundreds, thousands), the manual approach becomes severely impractical, and as the number further increases (e.g. tens and hundreds of thousands), the manual approach becomes virtually impossible. This problem is further compounded when the respective keys of the email users of the organization randomly and non-uniformly expire or are updated by the individual users, or as new users are added